Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.
The post 8,000 New WordPress Vulnerabilities Reported in 2024 appeared first on SecurityWeek.
Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services
Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive.
The post Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services appeared first on SecurityWeek.
FreeType Zero-Day Being Exploited in the Wild
Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library.
The post FreeType Zero-Day Being Exploited in the Wild appeared first on SecurityWeek.
Cisco Patches 10 Vulnerabilities in IOS XR
Cisco has released patches for 10 vulnerabilities in IOS XR, including five denial-of-service (DoS) bugs.
The post Cisco Patches 10 Vulnerabilities in IOS XR appeared first on SecurityWeek.
Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution
Organizations can align their processes with one of two global industry standards for self-assessment and security maturity—BSIMM and OWASP SAMM.
The post Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution appeared first on SecurityWeek.
Zoom Patches 4 High-Severity Vulnerabilities
Zoom has patched five vulnerabilities in its applications, including four high-severity flaws.
The post Zoom Patches 4 High-Severity Vulnerabilities appeared first on SecurityWeek.
Fortinet Patches 18 Vulnerabilities
Fortinet has published 17 new advisories to inform customers about 18 vulnerabilities patched in its products.
The post Fortinet Patches 18 Vulnerabilities appeared first on SecurityWeek.
Newly Patched Windows Zero-Day Exploited for Two Years
Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023.
The post Newly Patched Windows Zero-Day Exploited for Two Years appeared first on SecurityWeek.
Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw
Apple warns that the WebKIt bug “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek.
Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday
Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild.
The post Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday appeared first on SecurityWeek.